- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
You must log in or register to comment.
I know it’s isn’t looking good, but can’t f-droid signup as a dev entity and then sign all the apps in the repository?
It’s not the best approach, but what are the alternatives?
The purpose of this “verification” bullshit is to prevent piracy and adblocking via patching apks. So there will be a restriction that a given application can only be associated with one developer account (and verified at install time via apk’s signature).
Theoretically F-Droid could also change app ids when building apps which will allow them to be registered to F-Droid’s dev account but Google will likely frown upon that. There will probably be some clause against “impersonation” in their rules (Play Store rules already technically prohibit forks of open source apps, though it’s rarely enforced).
There will be apps Google will frown upon too like newpipe. I’d rather F-droid not even bother with trying to comply and register with Google, and just have it so either it works normally for Custom Rom users and other people can rely on adb installs.
The F-Droid project cannot require that developers register their apps through Google, but at the same time, we cannot “take over” the application identifiers for the open-source apps we distribute, as that would effectively seize exclusive distribution rights to those applications.
https://f-droid.org/2025/09/29/google-developer-registration-decree.html
“as we know them today” being omitted from a lot of headlines…
We shut really get a go fund me or something alike to sue google over its anti competitive behavior. Imagine if a small portion of people would donate and most devs will join in. We might stand a very small change to do something…
Did you see how difficult it was for “Stop Killing Games” to get momentum and be considered by regulators? And that was arguing for products you’ve already paid for.
Google will argue “security concerns” and point at Apple’s practices and easily get a free pass from regulators.
There needs to be an alternative to Android and Apple. Money may be better spent on funding non-Pixel hardware that can use Graphene.
But the thing is that they are not really making Android more secure with this policy.
They are still allowing APKs signed with debug keys to work… so the only alternative now for any developer that doesn’t want to register with Google is gonna be using those debug credentials to sign their app releases. I expect shipping APKs with debug keys will become more common, resulting in objectively a more unsafe Android ecosystem.
This is not gonna stop rogue APKs from outside Google’s store, it’s just gonna make them less secure, since being signed with a debug key means a malicious APK from a different source can produce another version of the app as an “update” and supplant the original.
This is not gonna stop alternative stores either, in fact, it will make it more important to use stores (as opposed to installing apks from github or so), since at least that way they can still implement alternative methods to check package authenticity before installing, even when using debug keys.
None of that logic matters man. Regulators don’t understand this shit. Do you think the UK’s online age restrictions make anyone safer? It’s all bullshit for their own purposes.
The EU got Apple to open up sideloading. Why would they not stop Google from suddenly doing the same?
Graphene’s team is already in communications with an Android OEM manufacturer, fortunately.
Maybe get the EU involved.
Fdroid are:
appealing to regulators and competition authorities to scrutinize Google’s proposals, and for developers and users to put pressure on politicians.
So I think these are preferred avenues of action right now.
Maybe see if the EFF has something in the works and domate to them
If Google wins this fight, I think we’re either going to have to fork AOSP and make graphene and lineage operating systems in their own right with no connection to the previous Android, or go with Linux mobile, or if nothing else happens, go back to the desktop and declare mobile a failure.
we’re either going to have to fork AOSP and make graphene and lineage operating systems in their own right with no connection to the previous Android
How feasible is this? Very, I hope.
It’s very feasible, but some of us will probably run old GrapheneOS Pixels or dumb flip phones for several years while the work gets done.
Not sure. Forking AOSP itself wouldnt really be the problem. The bigger issue would be security patches and that over time the code bases would severely diverge.
It’s sounding as crass as like the mutant registration storyline from X-Men. Same bullshit rationale too, but sadly not a comic.
life is always stranger than fiction; eventually if not already done.
Is the problem just F-Droid or the whole database? I’m using Droid-ify.
You will simply not be able to install anything, unless the FOSS dev is cool with providing their ID to Google, and agrees to its ToS, and Google likes the app and signs it.
Which many devs (myself included) will definitely NOT be.
Scary times.
Google is destroying itself
